The Tedium is the Message: Finn Brunton’s “Spam: A Shadow History of the Internet”

Gray hair is God’s graffiti. A language is a dialect with an army and a navy. Fashion is something that goes in one year and out the other. Henry James writes fiction as if it were a painful duty. In love there are things — bodies and words.

BETWEEN ROUGHLY 1995 AND 2007, mysterious emails pitching cheap Viagra and penny stocks were part of everyday life online. Over time, the messages grew stranger, incorporating passages of classic science fiction, ribald limericks, and the occasional incomprehensible JPEG. Although IT departments circulated enjoinders to “blacklist” these unsolicited messages, many of us were fascinated, producing blogs, fanzines, and poetry dedicated to the oddly evocative digital detritus. Meanwhile, spam continued to evolve, becoming increasingly intrusive. Often masquerading as urgent communication from a friend or family member, the absurd verse of anonymous “authors” like MegaDik gave way to desperate requests for money. Today, smart filters guard our inboxes, but the spammers are flanking us on blogs and social media. More cockroach than virus, spam adapts and stubbornly survives.

It would appear that the word “spam” first entered the lexicon of computer engineering by way of the 1970 Monty Python sketch, then, as now, a touchstone of geek humor. Early network users encountered one screenful of text at a time, and their electronic identities were expressed through song lyrics, jokes, apocryphal quotations, and elaborate ASCII art signatures. Sending an endless stream of nonsense text into such an environment offered a juvenile thrill to the would-be troublemaker. No matter how annoyed the recipients might be, they could not help but hear Vikings sing along as their terminals blipped out “SPAM SPAM SPAM SP…” at a maddening 300 characters per second.

Spam, in all of its myriad forms, is essentially an attempt to capture and redirect a user’s attention, if only momentarily. Whether that tiny portion of attention is turned toward a sales pitch, a phishing scam, or an incomprehensible bit of algorithmic verse, the basic function of spam is the same. Finn Brunton’s new book Spam: A Shadow History of the Internet offers the first sustained look at the relationship between attention and community in online spaces. According to Brunton’s calculus, spam presents a direct threat to the very fabric of online community; each unsolicited ad for male potency pills slowly bleeds a community of valuable bits of human attention. For believers in the democratic promises of online community, spam is therefore an abomination: a usurper of the net’s most important resource. (I doubt that the novelist Bruce Sterling is being hyperbolic when he refers to spam as “a great human evil” on the book’s dust jacket.)

According to Brunton, spam produces both a technical and a social disruption. On a technical level, new forms of spam reveal features of the system that may not have been previously known to users, administrators, or designers. For example, a blog that does not require readers to log in may implicitly encourage discussion, but it also provides a free publicity platform for spammers. Faced with this unexpected development, the blog’s owner must decide if it is more important to keep spammers out, making it harder for readers to leave a comment, or whether the ease of open communication is worth the hassle of having to manually delete unwanted or irrelevant material. Brunton describes this field of possibility as an “indistinct area between what a system is understood to be and what it functionally permits.” Spam forces us to reflect on values that may otherwise have gone unacknowledged in our technology use.

On a social level, meanwhile, the emergence of spam forces groups of users into a similar state of self-reflection. What does and doesn’t count as spam, Brunton emphasizes, is seldom clearly defined within any given community from the outset. In order to identify spam in a system, users are compelled to define the boundary between spam and non-spam, an act of collective metacognition that Brunton terms “higher-order debate.” While all users might agree that an invitation to buy penny stocks is out of place on a forum about amateur radio, not all unexpected activity is so easily identified as spam. Should all advertising be banned from online public forums? If not, what types of advertising are allowed? Can forum posters sell their old radios on the forum? What about hobby radio shops or representatives of the military? Beyond its technical implications, spam forces members of online communities to be explicit about what they find socially acceptable and objectionable, and thus to define themselves.

In Spam’s middle chapters, Brunton traces a novel history of networked computing by way of the emergence and evolution of spam from 1971 to 2010. These chapters are dense and fast-moving, filled with numerous colorful anecdotes about the war between spammers and anti-spam crusaders, as well as about users trying fruitlessly to stay out of the fray. Whereas other historians of technology have been able to rely on old system manuals, institutional archives, and interviews with surviving users and engineers, Brunton’s task is more difficult: formal preservation of spam-related materials is very rare, for the simple reason that spam is usually deleted as quickly and permanently as possible. As a result, Brunton finds himself chasing the spam story across an array of unusual, and in many cases unstable, primary sources. Usenet FAQs, internet RFCs, and other vernacular policy documents provide some of the most important clues about the characteristic conflicts of their particular times and technologies, and Brunton’s enthusiasm for his ephemeral subject matter is evident in the care that he takes in reconstructing these contexts for readers who may not have personal experience with a time-sharing terminal, a dial-up internet service, or an encrypted grey-market chat room.

¤

The first of Brunton’s three “spam epochs” is the longest, beginning with the original internetworking experiments among university research labs in the 1960s, and ending with the transition from public to private administration of key internet infrastructures in the mid-1990s. Brunton characterizes these early years as a period of “deep uncertainty” about the purpose of networked computing. Depending on whom you asked, the military-funded ARPANET promised either disaster-proof command-and-control or collaboration between researchers at far-flung universities. Hobbyist and student-run networks such as FidoNet and Usenet were even less proscriptive. As new users came online each year, they found that the low-bandwidth, text-only systems could be adapted to numerous unanticipated activities: public debate, collective intelligence, file sharing, and fantasy gaming, to name only a few. And from the very start, some of their experiments seemed to transgress unwritten rules, raising the ire of other users. It is in these “protospam” moments that the contours of the book’s “shadow history” begin to take shape.

Brunton’s account of the early net focuses on recurring problems of scarcity: users’ time online was limited, their connections were slow, data was expensive, and video displays were crude. Many terminals required a special microchip to display lowercase letters, and once a line of text scrolled off the top of the screen it was gone forever. In this environment, unwanted characters could be very costly in terms of billable time wasted. “The closest someone in the current developed world can come to this experience is trying to browse the Internet over a satellite phone connection,” Brunton writes. He estimates that European users of the 1980s might have been paying as much as six US dollars per minute to download Usenet messages at a rate of just three hundred characters per second. The lengthy reply-all email chains that fill up the modern inbox would have exhausted the budget of a university department in a matter of days.

While today’s internet is marked by an abundance of links to click and videos to watch, user attention in the early period was limited by the small volume of information that could actually end up on the screen. To that end, Brunton finds that early users implicitly valued the prudent use of network resources. Behavior identified as “spam,” by contrast, was “lazy, indiscriminate, and a waste of the time and attention of others.” While it could be deliberately malicious (e.g., flooding a chat channel with Rush lyrics), “spamming” might also refer to a simple lack of decorum, such as “someone pouring out their heart in a public forum.” Early spam was anything internet users considered rude and inconsiderate; the word had yet to earn a specifically commercial, or criminal, connotation.

In addition to the technical limits of these early systems, Brunton stresses that access was severely limited by socioeconomic class, geography, and institutional affiliation. Campus networks and dial-up bulletin board systems were often populated by users who knew one another in person. They were classmates, colleagues, and members of local computer clubs. Three key figures of the period, Vint Cerf, Steve Crocker, and Jon Postel, all attended the same high school in Van Nuys, California, before working together as graduate students at UCLA. Even a multi-institutional system like the ARPANET was essentially a monoculture of high-achieving researchers and military specialists. Furthermore, most of the users were responsible for the maintenance, if not the future development, of their local systems. As a result of their common backgrounds and training, early users shared an implicit set of values and expected a high degree of technical know-how from one another.

The late Postel — “an autodidactic hacker who got mediocre grades until he found the world of computers” — is emblematic of internet users’ reaction to the first spam era. Brunton describes users like Postel as “wizards” who fancied the protean cyberspace a meritocracy in which trust would be based on demonstrable technical knowledge. In a 1975 memo to the Network Working Group titled “On the Junk Mail Problem,” Postel anticipated the imminence of spam, but his description belies an assumption that spam would be the result of malfunctioning software rather than the expression of human intent. Spam was a bug to be tackled informally among friendly acquaintances. If a host machine seemed to be, in Postel’s words, “misbehaving,” one need only place a phone call to resolve the disturbance. The idea that the network might be abused by human beings was, apparently, unthinkable in the 1970s.

The ARPANET remained a “bubble of trust” shared among “a group of intelligent peers” for the duration of its existence, but newer, more open systems like The WELL, Usenet, and FidoNet facilitated the entrance of a much more diverse user population in the 1980s. This new plurality invited controversy, and these networks provide Brunton with his first examples of users grappling with truly thorny problems of spam, speech, and moderation. In one particularly compelling anecdote from 1988, a message begging readers to mail a dollar to a “poor college student” in Nebraska was simultaneously cross-posted to hundreds of different Usenet discussion groups. In the absence of any clear governance or policing structure, enraged users responded with a barrage of profane emails, prank calls, and other sorts of remote harassment. Brunton compares this “symbolic form of vigilantism” to the public humiliation carried out by the mob-like charivari in Europe during the Middle Ages. Although some users were frustrated that Usenet lacked an institutional body with the authority to punish the proto-spammer, no lasting policy was created in the aftermath of the conflict. Systems like Usenet may have been more diverse than their forebears but they were still disconnected villages compared to the vast multinational megalopolis we inhabit today.

¤

The transition from the first to the second of Brunton’s spam epochs is marked by the emergence of “commercial, automated, and indiscriminate” spam. Whereas proto-spam was annoying, it could be explained as the unintended output of malfunctioning software or a misunderstanding among new users. By 1994, however, Brunton writes, “the demographics of [...] the dominant Internet were changing.” The ARPANET was decommissioned, commercial networks like CompuServe attached gateways to their walled gardens, and the NSF-funded internet infrastructure was privatized by an act of Congress. Long-time users could sense “a shift in the kind of people spending time online,” and, with the rise of the entrepreneurial dot-com era, market norms and values began to overtake the “noncommercial collegiality” that had marked the university networks of the 1980s. While Brunton’s first epoch is “largely a story about building community and managing scarce resources,” it is also about laying the foundation for the emerging spam industry.

The naïveté of the early internet monoculture created optimally exploitable conditions for spammers: the infrastructure and the user population were large and growing amid a near-complete absence of formal regulation. Thus begins the second spam epoch, extending from 1995 to 2003, characterized by “the rise and fall of spam as a business that could feign respectability.” On one hand, this period could be reduced to an ongoing conflict between spammers and anti-spammers. On the other, the story of spam through these boom years reflects rising tensions among the many different constituencies affected by globalization. It is here that we first encounter infamous figures like the Nigerian 419 scammer, the shady offshore service provider, and the clueless policy-maker.

Longtime anti-spammers regarded the emerging online advertising industry with suspicion. Some organizations seemed to walk a fine line of acceptable use, continuing to rely on deceptive techniques for disseminating massive volumes of unsolicited mail. In 2000, an anti-spam activist calling himself the “Man in the Wilderness” gained illegal access to a commercial spam service called Premier Services, intercepted internal communication for several weeks, and posted a five megabyte dossier to his own public anti-spam forum. Although the hacker justified his actions by pointing to the service’s deceptive business practices, he also included private photos, chat logs, and home addresses that embarrassed employees of the spam service and enabled the harassment of their families.

If such hardline anti-spammer tactics are hard to accept, their counterparts in the spam industry are surprisingly sympathetic. According to Brunton’s account, the typical spammer employed by a company like Premier Services was little more than an information worker in a conventional bureaucracy. Such spammers lacked the passion and technical sophistication of either the anti-spam crusaders or the first-epoch “wizards.” Instead, they considered the internet a new marketing opportunity and relied on third-party software to carry out their mass-mailing campaigns. Absent the patina of criminality, the day-to-day business of spam appears banal at best. Chat logs posted by the Man in the Wilderness reveal employees negotiating with suppliers, managing accounts, trying to attract new clients, and struggling to repair their constantly malfunctioning bulk email systems. Alongside these boring intra-office exchanges, the exhortations of the anti-spammers read like zealotry. Not only were their “shaming and flaming” tactics violent and invasive, they were thoroughly ineffective. Spammers regarded the typical anti-spam activist not as a serious threat but as a “loser” who needed to “get a life.”

The anti-spam movement similarly failed to attract serious attention from legislators. Although the internet, and the world wide web in particular, began to gain a higher profile in popular culture in the early 1990s, they remained mysterious to most people in the United States. Without firsthand experience, it was difficult for policy-makers to grasp the stakes of the spam controversy. Brunton details many of the failed metaphors that anti-spammers tried to use in their appeals for legislation: junk faxes, robocalls, trespassing, parasites, littering. None could quite capture the phenomenon of spam in its totality. Ironically, when Congress finally passed anti-spam legislation in 2003, anti-spammers were compelled to oppose the bill because it effectively protected spam as a legitimate advertising business similar to direct mail or telemarketing.

One of the challenges facing the anti-spammers of the second epoch was the unpredictable evolution of spam as a function of the global diffusion of internet access. In one of his sharpest passages, Brunton offers a gripping analysis of the notorious “419” scams operated out of Nigeria. Any reader who has been entreated to help free the frozen assets of an exiled prince will be fascinated to learn about the scam’s roots in the Spanish Prisoner con of the 19th century. An 1898 story in The New York Times outlines the familiar narrative: a deposed Spanish princess unjustly imprisoned in Havana needs the target's help to escape and reclaim her stolen wealth. Invariably, complications arise during her escape and additional bribes are required. In the worst cases, the target is bankrupted by the fantasy. Brunton describes the complex production of the Spanish Prisoner’s modern-day variant, the Nigerian 419 scam, as “a strange kind of writing machine.” Once a mark takes the bait, a multi-level creative team springs into action to produce a bizarre alternative reality game for the unwitting participant involving (fake) documents, (real) news articles, (fake) websites, and (real) money. Exploitation seems to fold in upon itself as scammers craft narratives that “model the stereotypes [about Nigeria] that they think their audience already believes.” And yet, the unsolicited emails that open these long cons are comparable to earlier forms of spam only in their bid for human attention, an ambiguity that undermined the anti-spammers’ efforts to craft a universal definition for “spam” with which to solicit outside support.

At the start of the 21st century, frustrated anti-spammers increasingly pursued technological solutions to the problem of unsolicited email. Although ad hoc solutions like “blocklists” and “killfiles” had been in circulation for several years, they were tedious to maintain and perennially out of date. Meanwhile, advances in computational text analysis were transforming the massive volume of text on the web into something “robot-readable.” This growing area of research marked an ontological shift in the status of text online, leading to both a proliferation of new forms of spam — including “link spam,” “blog spam,” and “lit spam,” to name a few — and radical advances in anti-spam technology. Rather than continue trying to explain spam to the House of Representatives, a new generation of anti-spammers began to create spam-fighting software to quietly and autonomously keep their inboxes clean.

¤

The third epoch in Brunton’s chronology — the current era — begins with the application of computational text analysis to email software and search engines. In the case of email, text analysis enabled probabilistic spam filters to identify incoming spam based on the similarity of its content to that of messages previously marked as spam. Given enough time and enough spam, such filters eliminate nearly all spam before it ever reaches a user’s inbox. By the mid-2000s, this approach was adopted by the major webmail providers, more or less destroying the profitability of the legitimate spam business. Meanwhile, search engines like AltaVista and Google used text analysis techniques to extract meaning from the ever-expanding web. Google’s crucial advantage over its peers, the PageRank algorithm, incorporated the context of inbound links to assess trustworthiness, a process that Brunton describes as “the quantification of attention.” Together, these advances in the infrastructure of email and search profoundly altered the internet.

The principal effect of “making spam scientific,” argues Brunton, was that the business of spam was “left [...] to the criminals.” Rather than pitching a sketchy product or service, spam was increasingly used as the opening for more damaging grift: “phishing” for passwords, identity theft, and the delivery of malware. Although response rates were very low, the black market value of a stolen credit card could be orders of magnitude greater than the legitimate sale of generic Cialis. For the creative criminal, being pushed underground offered liberation from “any pretense of legitimacy” and “freed up a great deal of technical ingenuity.”

Initially, spammers attempted to fight back against the probabilistic spam filters with text analysis software of their own. “Litspam,” writes Brunton, came in the form of “cut-up literary texts statistically reassembled to take advantage of flaws in the design and deployment of [probabilistic] filters.” Drawing on the deep well of public domain texts available on sites like Project Gutenberg, this new spam could read like “fractured textual experiments”: automated Dada-like poetry combining such disparate material as Jules Verne novels, Nelly lyrics, and a long-lost recipe for pecan sandies. These “litspam generators,” the agents of what Brunton calls “spam’s modernism,” were designed to incorporate enough hostage literature to trick the probabilistic spam filters into classifying their output as authentically human. A 2005 email from “Clyde Blankenship” titled “Observations on my first Cia1!s experience” illustrates the “pure arbitrary utility” of a typical litspam pastiche:

forsaken is multiple gaseous a balmy not stannous cool. indefatigable is pigtail coed is bracket a commodious cyclist good. lotus is greenberg catch a haulage not regis cool. actaeon is elsinore mud is familiarly a expiable toe good.

Brunton hesitates to liken such “poisoned Bayesian spew” to the work of human poets — even those employing avant-garde cut-up techniques — instead comparing litspam to “flipping through channels on a television.” To date, none of the anonymous programmers responsible for the machinery behind litspam have stepped forward to claim authorship, but their voices would lend an intriguing new dimension to this period.

Although the litspam period was brief, it marks the full-bore introduction of non-human actors into Brunton’s spam chronology. With litspam, human readers were increasingly marginal to the circulation of spam, no longer the audience, but rather the referent. “Legs and Stomach can be thinner” reads the subject line from a litspam message I received in 2005. The text reads, in full:

Legs and Stomach can be thinner Good day sir, Say bye to extra kilograms you carry everyday.

The message included neither a link nor an attachment; it was simply an exploratory prod at my spam filter. Instead of humans vying directly for one another’s attention, spamming had by this point become a conflict between machines: “one set of algorithms constantly trying to convince the other of their acceptable degree of salience,” in Brunton’s words.

As Brunton’s narrative catches up to the present, email ceases to be spam’s primary field of action. In spite of the constant barrage of conventional spam mail — as much as 85 percent of all email traffic in 2006 — most people see “only a minuscule portion” of it thanks to probabilistic filtering. But lest we get too comfortable, Brunton points to a panoply of emergent forms of spam, many of which are intended to manipulate the algorithms that order search engine results. Brunton describes large, concentrated networks of algorithmically generated “spam blogs” (or “splogs”) perpetually linking to, commenting on, and plagiarizing one another. Each blog is plastered with advertisements, most of them served through Google’s AdWords platform, producing a “PageRank greenhouse” populated by non-human agents crudely simulating an online community.

Despite its sustained volume, the population of individual human spammers continues to decline. Today, spam plays a “minor and incidental part” in the larger drama of online criminality, serving primarily as the delivery mechanism for viruses that can silently transform a workaday Windows PC into an unwitting member of a botnet. Often the first action taken by the infected PC is to recirculate the same virus-laden message to its network neighbors, a type of autonomous regeneration classified as “self-propagation spam” by security professionals. Readers may be surprised to feel a twinge of mild melancholy upon learning that email spam has been reduced to a mere mule after such a long and colorful history. Penis Patch, we hardly knew ye.

¤

Brunton’s book is a pleasure to read, packed with detailed anecdotes that ground its ambitious scope in the everyday experiences of both the spammers and the spammed. The book’s subtitle reads, “A Shadow History of the Internet,” but the story we encounter inside may be more accurately described as a history of the internet’s shadow. At each turn, Brunton sets aside the areas of the net illuminated by publicity and venture capital to explore the ignored cracks and corners where spam proliferates. The account of early computer networks is particularly commendable for its diligent effort to look beyond the conventional ARPANET mythology to less well-documented systems such as Usenet, FidoNet, and AOL. As the richness of Brunton’s narrative demonstrates, there is still much to learn about the formation and growth of online communities in the 1980s and 1990s. In this regard, Spam ought to serve as a friendly provocation to a high-tech culture that operates with a limited sense of its past.

Matters get more complicated as we approach the present. During spam’s third epoch, Brunton’s commitment to the technical specificity of his subject threatens to overwhelm the book’s core narrative. As 21st century spam fragments into countless new forms, it takes on a numbing redundancy. Spam comments, spam pings, spam tweets, and spam books are all evidence of the same algorithmic battle for attention that followed the introduction of probabilistic email filters. Furthermore, these new practices are fleeting, arcane, and spottily documented, a result of spam’s increasingly criminal character. Nevertheless, Brunton digs in and extracts the unique character of each new form, a diligence and attention to detail that will delight some readers (though others may find it tedious).

While readily identified email spam seems increasingly marginal to the online experience, a more familiar bid for our attention is indisputably on the rise. As older forms of media increasingly migrate to the web, they carry with them a different set of expectations regarding the proper position of advertising. Amid this convergence, how are we to differentiate the “sponsored tweets” injected into our feeds by Twitter from the “spam tweets” sent to us periodically by third-party spam bots? What is the difference between using TiVo to skip a television commercial and using ad-blocking software to remove the advertisements from Facebook? In light of Brunton’s historical analysis, we might ask who has the authority to mark online activity as either spam (illegitimate) or advertising (legitimate), and who stands to benefit from the outcome.

Recent changes to the political economy of internet access in the United States suggest a resurgence of the central conflicts found in Brunton’s first and second epochs. As mobile internet providers introduce monthly “data caps” and tiered pricing, we are entering into a new period of information scarcity. The cost incurred by unsolicited advertising no longer solely on our attention but is felt by our wallets as well. Is it appropriate for high-resolution advertisements to count against a user’s monthly data allowance? For the moment, very few users have calculated the amount that they are obliged to spend on unsolicited material, but, if Brunton’s history is any indication, they soon will.

A second change, hinted at in Brunton’s account of the strange ecology of blog spam, is that the largest spam-fighting organizations on the web have become the largest platforms for legitimate advertising. Consider the case of Twitter. The company’s Terms of Service enumerate a long list of practices — such as “aggressive favoriting” — that constitute spam on their system. In 2011, the Terms were updated to restrict client software that would filter “promoted tweets” out of a user’s timeline. Like many media services, Twitter is a two-sided platform with paying advertisers on one side and non-paying users on the other. It is essential to their business that the ads they sell are actually seen by their users. As the operator of a centralized social system, Twitter asserts the authority to classify some commercial messages as legitimate advertisements and others as spam.

Google represents an even more intriguing example of what Brunton describes as the “blurry places where spam threatens to blend into acceptable use.” Since their inception, Google’s search and email services have enjoyed a reputation for intelligently filtering out irrelevant and deceptive information. Yet, like Twitter, Google’s business model depends on the provision of advertisements across its many free services. In fact, Google goes one step further by offering a profit-sharing model to the owners of other web services and mobile applications. Each time Google serves an advertisement to a third-party client both Google and the client share in the revenue paid by the advertiser. The unintended side effect of this arrangement is that Google stands to profit from the ads displayed on spam blogs at the same time as it is responsible for filtering out spam from its search results. This compromised position, outlined by Brunton in his treatment of the third epoch, merits deeper inquiry.

To date, the major providers of social software have successfully managed to situate themselves on the legitimate side of unsolicited information, but this balance seems increasingly difficult to maintain. In March 2013, Google removed ad-blocking apps like AdblockPlus from the Google Play store, arguing that removing advertisements from the web constitutes a breach of their Terms of Service. This response echoes the objection to TiVo raised by some television advertisers who argued that an implicit social contract compels users not to skip over their ads. So far, users seem to accept some amount of advertising in exchange for free services, but it is not clear that they will continue to feel this way as online advertisers become more aggressive and targeted advertising becomes more invasive. Each of the transitions in Brunton’s periodization occurred as a result of an unforeseen change to the online environment: the privatization of the internet in 1994 and the development of probabilistic filtering software in 2003. One wonders how the web will change if users stop seeing sponsored links and banner ads as the legitimate costs of entry and instead perceive them as illegitimate spam to be filtered and fought.

As Brunton demonstrates, the history of spam — by definition, that which is undesirable and annoying — can help inform our ongoing quest to determine what the internet is and can be. “Spam,” he explains, provides a “zone where we can meet and negotiate about meaning.” Each change in spam’s form and meaning reflects a broader transformation in computer-mediated communication. As users find one another online, new technologies are made available, the cost of participation rises and falls, infrastructures change hands, and online services open and close their virtual doors, so the definition of spam must also be reconfigured. Innovations in spamming typically provoke novel anti-spam countermeasures, which produce, in turn, new exploitable opportunities for spammers. Brunton refers to the legacy of this tit-for-tat as “the negative shape of the history of people gathering on computer networks." The history of what we didn’t want is as important as what we did, and to remember it helps us to understand how this transnational assemblage we call “the internet” came to be.